August 7, 2017 by

New Cybersecurity Guidelines for Smart Cars issued by the UK government

New cybersecurity guidelines for smart cars were issued by the UK government. The British government has issued a new set of guidelines on Sunday for automakers to incorporate cybersecurity as a priority into their designs of internet-connected vehicles. All internet connected vehicles to drive on the streets need to be better protected against hackers. The Department of Transport and Centre for the Protection of National Infrastructure (CPNI) development eight principles for automakers to follow when making connected cars. UK Transport Minister Lord Callanan said that the number of autonomous and connected vehicles increase on the streets of Britain, guidlines should be put in place to protect consumers. Callanan stated:

“Our cars are becoming smarter and self-driving technology will revolutionise the way in which we travel. Risks of people hacking into the technology might be low, but we must make sure the public is protected.

Whether we’re turning vehicles into wifi connected hotspots or equipping them with millions of lines of code to become fully automated, it is important that they are protected against cyber-attacks.”

The eight principles are:

  • Principle 1: Organizational security is owned, governed and promoted at board level
  • Principle 2: Security risks are assessed and managed appropriately and proportionately, including those specific to the supply chain
  • Principle 3: Organizations need product aftercare and incident response to ensure systems are secure over their lifetime
  • Principle 4: All organizations, including sub-contractors, suppliers and potential 3rd parties, work together to enhance the security of the system
  • Principle 5: Systems are designed using a defense-in-depth approach
  • Principle 6: The security of all software is managed throughout its lifetime
  • Principle 7: The storage and transmission of data is secure and can be controlled
  • Principle 8 – The system is designed to be resilient to attacks and respond appropriately when its defenses or sensors fail

The guidelines will force engineers to design vehicles around cyber security threats. All well as, incorporate systems that have the ability to withstand receiving corrupt, invalid, or malicious data. It will also give its users the power to delete personal data from the car’s systems. McAfee chief scientist, Raj Samani said “Driverless vehicles must be secure by design, and the government’s new guidelines will undoubtedly play a key role in ensuring that UK car manufacturers make that happen.”

Mark Noctor, VP EMEA at Arxan Technologies has stated: “A major cyber-attack on connected vehicles would take a terrible toll on human life, so the security guidelines published by the UK Government on Sunday are an important step in securing this emerging technology.” With the issue of the new guidelines the UK government will continue to work alongside the auto industry to ensure vehicles are protected.

About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

New Ransomware ‘Spider’ Threatens Wipeout in 96 Hours

A new strain of ransomware discovered by security researchers encrypts files and gives victims a...

Read more arrow_forward

Security Researchers Discover Trove of 1.4 Billion Credentials

Security researchers at dark web monitoring firm 4iQ have stumbled upon a massive 41GB data file of...

Read more arrow_forward

Gartner Research: Cybersecurity Spending to Hit $96 Billion in 2018

Gartner has predicted worldwide security spending to increase by 8% in 2018 to hit a staggering $96...

Read more arrow_forward